Data communication over the Internet has become a common aspect of daily life for millions of people throughout the world. Many companies have established an Internet presence, i.e., web site, through which a user can access services and data provided by the company, and create a secure user account for storage and manipulation of data that is private to the user. The data stored under the protection of a user's secure user account may include sensitive data that is a target of corrupt individuals, such as banking data, personal data, or essentially any other type of sensitive data. Therefore, it is of continuing interest to enhance security measures utilized to protect secure user accounts from unauthorized access. However, the impact of such enhanced security measures on the legitimate user's overall online experience should also be considered. It is within this context that the present invention arises.